Behind The Scenes: Acumatica's Approach To Cyber Attack Security

More and more often, business websites and computer systems are vulnerable to hacking and other cyber threats. These incidents damage businesses and other organizations, especially if security is breached and sensitive or confidential business and personal data is compromised. Cyber incidents cost companies and taxpayers billions of dollars each year in lost information and the costs to respond and repair what the hackers have damaged. In addition to the attack itself, customers lose faith quickly when there is a security breach because they feel that the company is careless with their sensitive information. There is light at the end of the tunnel, however.

Kensium’s ERP partner, Acumatica, has numerous security processes to prevent cyber-attacks and secure business and customer information proactively. In this article, we will discuss the ways Acumatica prevents cyberattacks and saves you valuable time, money, and data.

Dedicated Security Team

Acumatica’s Security team utilizes several resources when developing a plan to implement preventative actions. For example, the National Institute of Standards and Technology (NIST) Framework and Cyber Security Framework (CSF) improves Acumatica’s overall Cybersecurity position. The framework is a voluntary risk-based set of best practices and industry standards created to enhance security and resilience online. In addition, while the focus is on processes and technologies, Acumatica works to provide education and security awareness for its employees throughout the year.

Cyber Security Incident Response Team

The Cyber Security Incident Response Team is responsible for investigating and responding to cyber incidents following internal procedures.

Employee Reporting

The Security team reports cyber incidents and rapidly responds by notifying employees through direct communication or a companywide notification.

Enhanced Security Measures

Acumatica enhances its data security controls and procedures to deter and prevent cyber incidents. Its Security teams stay updated on the most recent IT protection measures. Some examples of these measures are:

• Maintain an asset inventory of all computer and network hardware and software
• Use secure configurations
• Monitor vulnerability reports and applies security patches
• Grant users access to only the information they need to do their job
• Follow password creation and protection best practices
• Use read-only views of documents and materials whenever possible
• Encrypting essential or sensitive data, including personal information
• Keep anti-virus software up to date and implement other measures to protect against malware
• Building security into applications and systems using security-by-design principles
• Test data security on mobile apps, websites, and devices to identify potential privacy and security issues

Network Security Architecture

Acumatica has developed, implemented, and maintains a robust network security architecture with controls like:

• Network segmentation
• Next-gen firewalls complete with intrusion detection and cyber-attack prevention services
• Acumatica continuously monitors and manages log files to detect security issues and incidents
• Monitors third-party activities and procedures with access to network and computer systems, both directly and remotely
• Regularly performing network scans to detect and assess vulnerabilities
• Continuous monitoring of network activity

In addition to these processes, Acumatica’s DevSecOps program continuously looks to improve its security measures and develop security enhancements. They address common web application security issues by:

• Create names for tables and fields that are difficult to guess
• Databases, applications, and web services are housed on separate servers
• Maintain strict input validation

Digital Security Supply Chain

Acumatica’s Security team regularly evaluates the entire digital security supply chain. They understand that if even a single link is weak, it is vulnerable to a cyber-attack. The Security team understands the interdependencies of their systems and maintains system statuses by:

• Mapping the existing digital security supply chain
• Identifying and addressing challenges to the supply chain, including potential security risks
• Encouraging digital security supply chain engagement

Acumatica Response Plan

Acumatica has a seven-step cyber-attack response plan if an attack occurs. This written plan identifies multiple incident scenarios and provides appropriate responses. This plan is not only for domestic threats but is global. The following components comprise the response plan:

• Response team
• Reporting
• Initial response
• Investigation
• Recovery and follow up
• Public relations
• Law enforcement

This plan is implemented whenever a security breach or cyber-attack is detected.

Step 1: Incident Discovery & Reporting

To discover and report cyber incidents from Acumatica’s Security Operation Center (SOC), the Response team takes the following actions of discovery and reporting:

• Continuously monitor Acumatica’s information systems to ensure they are up to date and secure
• Monitor Acumatica’s computer and network logs for signs of potential weakness or incidents
• Track all reported incidents within a ticketing system
• Create risk ratings to classify reported incidents by low, medium, or high risk and facilitate the appropriate response

Step 2: Initial Response

When a potential incident is reported, the Security team conducts a preliminary investigation and determines if a data breach has occurred. Depending on the severity of the incident, but at the minimum, the following steps are taken:

• Stop the cyber incident or intrusion from spreading further
• Document and begin an investigation
• Follow the investigation checklist as set out in the cyber incident response plan to start the initial investigation
• Notify customers, internal stakeholders, and any applicable data controllers as required by law

Step 3: Incident Communication

Acumatica’s Security team coordinates communication with the executive leadership and other affected departments regarding cyber incidents. The Security team is responsible for coordinating efforts to ensure effective communication and cooperation with all parties involved in response to a cyber incident or data breach. These departments are:

• IT
• Human Resources
• Legal department
• Company business units

External parties are:

• Regulatory authorities
• Customers affected
• Media agencies

Acumatica sends communication as required by applicable laws and regulations direct to customers.

External communications include:

• The nature of the incident
• Name and contact details of the Data Protection Officer or other contacts to obtain additional information
• Potential consequences of the incident
• Measures proposed or taken by the controller to address the incident and actions taken to mitigate potential adverse effects.

During this step, Acumatica sends out the required legal disclosures. The SEC advises that public companies are responsible for evaluating cybersecurity risks and disclosing the risks to the stakeholders potentially affected. While Acumatica is a private company, they take steps to assess if the compliance plan and disclosure procedures are required at the time of a cyber incident.

Step 4: Investigation

Once the initial response assessment is completed, Acumatica may perform a formal internal investigation depending on the incident level of intrusion and the impact on critical business functions. An internal investigation allows Acumatica to fully understand and identify the cyber incident and other risks and detect any previously unknown vulnerabilities. Acumatica then identifies improvements to computer systems. Additionally, Acumatica uses outside legal counsel and third-party cybersecurity teams to assist when necessary.

Acumatica Is Constantly Improving Responses To Threats

Acumatica’s compliance work plan focuses on monitoring the highest risks for potential cyber incidents and addressing cyber incident procedures and other compliance matters. The compliance plan is a living document, reviewed and updated regularly. The items this plan covers are:

• Policies and procedures
• Codes of conduct
• Security Awareness training
• Incident response procedures

What This Means For You

Acumatica is constantly evolving and improving its processes to keep your and your customer's data safe from cyber-attacks. They understand that it is critical to your business to have the peace of mind that data is secure and a plan is in place if there is a breach. When Kensium implements your Acumatica ERP, you get these security benefits and more. You can rest assured that both Kensium and Acumatica have security procedures to ensure your data is safe. If there is an attack, teams spring into action to mitigate any damage done and provide additional security measures to prevent attacks.